-Ashu

Introduction
Protection and security requires that
computer resources such as CPU, software,
memory etc. are protected.
This extends to the operating system as well
as the data in the system.
This can be done by ensuring integrity,
confidentiality and availability in the
operating system.
The system must be protect against
unauthorized access, viruses, worms etc.
Confidentiality
means that your information can be seen only by
you and those that you want to see the
information.
Integrity
 involves making sure that your information
cannot be changed or removed without your
authorization.
Availability
Ensures that you can get to your information
when you need it.
Need for security
Security of a computer system is a crucial task. It is
a process of ensuring confidentiality and integrity of
the OS.
Security refers to providing a protection system to
computer system resources such as CPU, memory,
disk, software programs and most importantly
data/information stored in the computer system.
If a computer program is run by an unauthorized
user, then he/she may cause severe damage to
computer or data stored in it.
So a computer system must be protected against
unauthorized access, malicious access to system
memory, viruses, worms etc.
Program Threats
Operating system's processes and kernel do
the designated task as instructed.
If a user program made these process do
malicious tasks, then it is known as Program
Threats.
One of the common example of program
threat is a program installed in a computer
which can store and send user credentials via
network to some hacker.
Following is the list of some well-known program
threats.
 Virus − Virus as name suggest can replicate themselves
on computer system. They are highly dangerous and can
modify/delete user files, crash systems. A virus is generally
a small code embedded in a program. As user accesses the
program, the virus starts getting embedded in other files/
programs and can make system unusable for user
 Trojan Horse − Such program traps user login
credentials and stores them to send to malicious user who
can later on login to computer and can access system
resources.
 Trap Door − If a program which is designed to work as
required, have a security hole in its code and perform
illegal action without knowledge of user then it is called to
have a trap door.
 Logic Bomb − Logic bomb is a situation when a program
misbehaves only when certain conditions met otherwise it
works as a genuine program. It is harder to detect.
System and Network Threats

System threats refers to misuse of system

services and network connections to put user
in trouble.
System threats can be used to launch
program threats on a complete network
called as program attack.
 System threats creates such an environment
that operating system resources/ user files
are misused.
Following is the list of some well-known system
threats.
 Worm − Worm is a process which can choked down a
system performance by using system resources to
extreme levels. A Worm process generates its multiple
copies where each copy uses system resources,
prevents all other processes to get required resources.
Worms processes can even shut down an entire
network.
 Port Scanning − Port scanning is a mechanism or
means by which a hacker can detects system
vulnerabilities to make an attack on the system.
 Denial of Service − Denial of service attacks normally
prevents user to make legitimate use of the system. It
involves flooding a computer resource with more
requests than it can handle consuming its available
bandwidth which results in server overload. This
causes the resource (e.g. a web server) to crash or
slow down significantly so that no one can access it.
Authentication
 Authentication refers to identifying each user of the system
and associating the executing programs with those users.
 It is the responsibility of the Operating System to create a
protection system which ensures that a user who is running
a particular program is authentic.
 Operating Systems generally identifies/authenticates users
using following three ways −
 Username / Password − User need to enter a registered
username and password with Operating system to login into
the system.
 User card/key − User need to punch card in card slot, or
enter key generated by key generator in option provided by
operating system to login into the system.
 User attribute - fingerprint/ eye retina pattern/
signature − User need to pass his/her attribute via
designated input device used by operating system to login into
the system.
Goals of Protection
To prevent malicious misuse of the system by
users or programs.
To ensure that each shared resource is used
only in accordance with
system policies, which may be set either by
system designers or by system
administrators.
To ensure that errant programs cause the
minimal amount of damage possible.
To ensure confidentiality, integrity and
availability
Principles of Protection
The principle of least privilege dictates that
programs, users, and systems be given just
enough privileges to perform their tasks.
This ensures that failures do the least amount of
harm and allow the least of harm to be done.
Typically each user is given their own account,
and has only enough privilege to modify their
own files.
The root account should not be used for normal
day to day activities - The System Administrator
should also have an ordinary account, and
reserve use of the root account for only those
tasks which need the root privileges
Domain of Protection
A computer can be viewed as a collection
of processes and objects ( both HW & SW ).
The need to know principle states that a
process should only have access to those
objects it needs to accomplish its task, and
furthermore only in the modes for which it
needs access and only during the time frame
when it needs access.
The modes available for a particular object
may depend upon its type.
Domain Structure
A protection domain specifies the resources that
a process may access.
Each domain defines a set of objects and the types
of operations that may be invoked on each object.
An access right is the ability to execute an
operation on an object.
A domain is defined as a set of < object, { access
right set } > pairs, as shown below.
Access Matrix
The model of protection that we have been
discussing can be viewed as an access
matrix, in which columns represent different
system resources and rows represent
different protection domains.
Entries within the matrix indicate what
access that domain has to that resource.
The ability to copy rights is denoted by an
asterisk, indicating that processes in that
domain have the right to copy that access
within the same column, i.e. for the same
object.
The owner right adds the privilege of adding
new rights or removing existing ones:
Copy and owner rights only allow the
modification of rights within a column. The
addition of control rights, which only apply
to domain objects, allow a process operating
in one domain to affect the rights available in
other domains. For example in the table
below, a process operating in domain D2 has
the right to control any of the rights in
domain D4.